Thanks, Dan!
I'm not very familiar with these security issues.
Is this a code which was implemented by the plugin writer?
I used the search function of krusader (file manager) to search in the files of my website. The result was negative. However, I'm not sure if the search included file content.
Unfortunately I can't run grep as there is no root access to the server.